started on TOTP

backend/Cargo.lock

@@ -187,6 +187,7 @@ dependencies = [
  "sha2",
  "sqlx",
  "tokio",
+ "totp-rs",
 ]
 
 [[package]]
@@ -204,6 +205,12 @@ dependencies = [
  "windows-link 0.2.0",
 ]
 
+[[package]]
+name = "base32"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "022dfe9eb35f19ebbcb51e0b40a5ab759f46ad60cadf7297e0bd085afb50e076"
+
 [[package]]
 name = "base64"
 version = "0.21.7"
@@ -289,6 +296,12 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
 
+[[package]]
+name = "byteorder-lite"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8f1fe948ff07f4bd06c30984e69f5b4899c516a3ef74f34df92a2df2ab535495"
+
 [[package]]
 name = "bytes"
 version = "1.10.1"
@@ -363,6 +376,12 @@ version = "0.9.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
 
+[[package]]
+name = "constant_time_eq"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6"
+
 [[package]]
 name = "cookie"
 version = "0.18.1"
@@ -420,6 +439,15 @@ version = "2.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "19d374276b40fb8bbdee95aef7c7fa6b5316ec764510eb64b8dd0e2ed0d7e7f5"
 
+[[package]]
+name = "crc32fast"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511"
+dependencies = [
+ "cfg-if",
+]
+
 [[package]]
 name = "crossbeam-channel"
 version = "0.5.15"
@@ -628,6 +656,15 @@ version = "2.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be"
 
+[[package]]
+name = "fdeflate"
+version = "0.3.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e6853b52649d4ac5c0bd02320cddc5ba956bdb407c4b75a2c6b75bf51500f8c"
+dependencies = [
+ "simd-adler32",
+]
+
 [[package]]
 name = "figment"
 version = "0.10.19"
@@ -660,6 +697,16 @@ version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0399f9d26e5191ce32c498bebd31e7a3ceabc2745f0ac54af3f335126c3f24b3"
 
+[[package]]
+name = "flate2"
+version = "1.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4a3d7db9596fecd151c5f638c0ee5d5bd487b6e0ea232e5dc96d5250f6f94b1d"
+dependencies = [
+ "crc32fast",
+ "miniz_oxide",
+]
+
 [[package]]
 name = "flume"
 version = "0.11.1"
@@ -1340,6 +1387,18 @@ dependencies = [
  "winapi-util",
 ]
 
+[[package]]
+name = "image"
+version = "0.25.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "db35664ce6b9810857a38a906215e75a9c879f0696556a39f59c62829710251a"
+dependencies = [
+ "bytemuck",
+ "byteorder-lite",
+ "num-traits",
+ "png",
+]
+
 [[package]]
 name = "indexmap"
 version = "2.11.4"
@@ -1590,6 +1649,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
 dependencies = [
  "adler2",
+ "simd-adler32",
 ]
 
 [[package]]
@@ -2033,6 +2093,19 @@ version = "0.3.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
 
+[[package]]
+name = "png"
+version = "0.17.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82151a2fc869e011c153adc57cf2789ccb8d9906ce52c0b39a6b5697749d7526"
+dependencies = [
+ "bitflags 1.3.2",
+ "crc32fast",
+ "fdeflate",
+ "flate2",
+ "miniz_oxide",
+]
+
 [[package]]
 name = "polyval"
 version = "0.6.2"
@@ -2091,6 +2164,23 @@ dependencies = [
  "yansi",
 ]
 
+[[package]]
+name = "qrcodegen"
+version = "1.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4339fc7a1021c9c1621d87f5e3505f2805c8c105420ba2f2a4df86814590c142"
+
+[[package]]
+name = "qrcodegen-image"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "221b7eace1aef8c95d65dbe09fb7a1a43d006045394a89afba6997721fcb7708"
+dependencies = [
+ "base64 0.22.1",
+ "image",
+ "qrcodegen",
+]
+
 [[package]]
 name = "quote"
 version = "1.0.41"
@@ -2708,6 +2798,12 @@ dependencies = [
  "rand_core 0.6.4",
 ]
 
+[[package]]
+name = "simd-adler32"
+version = "0.3.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe"
+
 [[package]]
 name = "siphasher"
 version = "1.0.1"
@@ -3326,6 +3422,23 @@ version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801"
 
+[[package]]
+name = "totp-rs"
+version = "5.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f124352108f58ef88299e909f6e9470f1cdc8d2a1397963901b4a6366206bf72"
+dependencies = [
+ "base32",
+ "constant_time_eq",
+ "hmac",
+ "qrcodegen-image",
+ "rand 0.9.2",
+ "sha1",
+ "sha2",
+ "url",
+ "urlencoding",
+]
+
 [[package]]
 name = "tower"
 version = "0.5.2"

backend/Cargo.toml

@@ -17,3 +17,4 @@ serde = { version = "1.0.228", features = ["derive"] }
 sha2 = "0.10.9"
 sqlx = { version = "0.7.4", features = ["macros", "time"] }
 tokio = { version = "1.47.1", features = ["full"] }
+totp-rs = { version = "5.7.0", features = ["gen_secret", "qr", "rand"] }

backend/migrations/20251009091103_auth-v2.sql

@@ -0,0 +1,15 @@
+-- Add migration script here
+DROP TABLE users;
+
+CREATE TABLE users (
+    id SERIAL PRIMARY KEY,
+    username VARCHAR(50) UNIQUE NOT NULL,
+    display_name VARCHAR(50),
+
+    email VARCHAR(100) NOT NULL,
+    password VARCHAR(100) NOT NULL,
+    totp_secret VARCHAR(100),
+
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
+);

backend/src/auth.rs

@@ -3,6 +3,7 @@ use std::time::{SystemTime, UNIX_EPOCH};
 use rand::Rng;
 use rocket::{
     Request,
+    fs::NamedFile,
     http::{CookieJar, Status},
     outcome::Outcome,
     post,
@@ -16,6 +17,8 @@ use rocket_db_pools::{
 use rocket_dyn_templates::{Template, context};
 use serde::{Deserialize, Serialize};
 use sha2::{Digest, Sha256};
+use sqlx::postgres::PgQueryResult;
+use totp_rs::{Algorithm, Secret, TOTP};
 
 use crate::db::DbConn;
 
@@ -25,6 +28,11 @@ pub struct UserCredentials {
     pub password: String,
 }
 
+#[get("/signup")]
+pub async fn signup_page() -> Template {
+    Template::render("signup", context!())
+}
+
 #[post("/signup", data = "<cred>")]
 pub async fn signup(
     cred: Json<UserCredentials>,
@@ -40,16 +48,8 @@ pub async fn signup(
     .await
     .map_err(|e| e.to_string())?;
 
-    let session = SessionToken::new(result.id as usize);
+    let session = Session::new(result.id as usize);
-    let result = sqlx::query!(
+    if let Err(e) = session.commit(&mut db).await {
-        "INSERT INTO sessions (user_id, token) VALUES ($1, $2)",
-        result.id,
-        session.token,
-    )
-    .execute(&mut **db)
-    .await;
-
-    if let Err(e) = result {
         eprintln!("Failed to create session: {}", e);
         return Err(e.to_string());
     }
@@ -60,45 +60,93 @@ pub async fn signup(
     Ok(Json("Signup successful".to_string()))
 }
 
-#[get("/signup")]
+#[get("/login")]
-pub async fn signup_page() -> Template {
+pub async fn login_page() -> Template {
-    Template::render("signup", context!())
+    Template::render("login", context!())
 }
 
 #[post("/login", data = "<cred>")]
 pub async fn login(
-    conn: Connection<DbConn>,
+    mut db: Connection<DbConn>,
+    jar: &CookieJar<'_>,
     cred: Json<UserCredentials>,
 ) -> Result<Json<String>, String> {
+    if let Ok(row) = sqlx::query!(
+        "SELECT id FROM users WHERE username = $1 AND password = $2",
+        cred.username,
+        cred.password,
+    )
+    .fetch_one(&mut **db)
+    .await
+    {
+        let session = Session::new(row.id as usize);
+        if let Err(e) = session.commit(&mut db).await {
+            eprintln!("Failed to create session: {}", e);
+            return Err(e.to_string());
+        }
+
+        jar.add_private(("session", session.token));
+        return Ok(Json("Signup successful".to_string()));
+    }
+
     // TODO: implement actual login logic, e.g. verify password and generate token
-    Ok(Json("Login successful".to_string()))
+    Err("login failed".to_string())
 }
 
-pub struct SessionToken {
+#[get("/totp")]
+pub async fn mfa_page(session: Session) -> Template {
+    Template::render("2fa", context!())
+}
+
+#[get("/api/totp.jpg")]
+pub async fn gen_totp(s: Session) -> Option<QrCodeImage> {
+    let totp = TOTP::new(
+        Algorithm::SHA1,
+        6,
+        1,
+        30,
+        Secret::generate_secret().to_bytes().unwrap(),
+        Some("Github".to_string()),
+        format!("{}", s.user_id),
+    )
+    .unwrap();
+
+    let qr = totp.get_qr_base64().unwrap();
+
+    Some(QrCodeImage(qr.into()))
+}
+
+#[derive(Debug)]
+pub struct Session {
     pub token: String,
     pub user_id: usize,
 }
 
-impl SessionToken {
+impl Session {
     pub fn new(user_id: usize) -> Self {
         let current_time = SystemTime::now().duration_since(UNIX_EPOCH).unwrap();
         let random: u32 = rand::rng().random();
         let token = format!("{}-{}", current_time.as_secs(), random);
         let hashed = format!("{:x}", Sha256::digest(token.as_bytes()));
-        SessionToken {
+        Self {
             token: hashed,
             user_id,
         }
     }
+
+    pub async fn commit(&self, db: &mut Connection<DbConn>) -> Result<PgQueryResult, sqlx::Error> {
+        sqlx::query!(
+            "INSERT INTO sessions (user_id, token) VALUES ($1, $2)",
+            self.user_id as i32,
+            self.token,
+        )
+        .execute(&mut ***db)
+        .await
+    }
 }
 
-type UserID = usize;
-
-#[derive(Debug)]
-pub struct AuthGuard(pub UserID);
-
 #[rocket::async_trait]
-impl<'r> FromRequest<'r> for AuthGuard {
+impl<'r> FromRequest<'r> for Session {
     type Error = ();
 
     async fn from_request(request: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
@@ -110,16 +158,18 @@ impl<'r> FromRequest<'r> for AuthGuard {
 
             let value = c.value();
             let result = sqlx::query!(
-                "SELECT user_id FROM sessions WHERE token = $1 AND expires_at > NOW()",
+                "SELECT user_id, token FROM sessions WHERE token = $1 AND expires_at > NOW()",
                 value
             )
             .fetch_optional(&mut **pool)
             .await
             .expect("query failed!");
 
-            if let Some(token) = result {
+            if let Some(session) = result {
-                let user_id = token.user_id;
+                Outcome::Success(Self {
-                Outcome::Success(AuthGuard(user_id as usize))
+                    user_id: session.user_id as usize,
+                    token: session.token,
+                })
             } else {
                 Outcome::Error((Status::Unauthorized, ()))
             }
@@ -128,3 +178,18 @@ impl<'r> FromRequest<'r> for AuthGuard {
         }
     }
 }
+
+use rocket::http::ContentType;
+use rocket::response::{self, Responder, Response};
+use std::io::Cursor;
+
+pub struct QrCodeImage(Vec<u8>);
+
+impl<'r> Responder<'r, 'static> for QrCodeImage {
+    fn respond_to(self, _: &'r rocket::Request<'_>) -> response::Result<'static> {
+        Response::build()
+            .header(ContentType::PNG)
+            .sized_body(self.0.len(), Cursor::new(self.0))
+            .ok()
+    }
+}

backend/src/llm.rs

@@ -42,7 +42,7 @@ impl LlmWorker {
             .json(&payload)
             .send()
             .await
-            .unwrap();
+            .map_err(|_| String::from("Failed to make request to LLM server"))?;
 
         // The API returns a JSON with `choices[].message.content`
         #[derive(Deserialize)]
@@ -54,7 +54,10 @@ impl LlmWorker {
             message: Message,
         }
 
-        let llm_resp: LlmResponse = resp.json().await.unwrap();
+        let llm_resp: LlmResponse = resp
+            .json()
+            .await
+            .map_err(|_| String::from("Failed to make request to LLM server"))?;
 
         Ok(ChatMsg {
             display_name: message.display_name.clone(),

backend/src/main.rs

@@ -11,7 +11,7 @@ use rocket_db_pools::{Connection, Database};
 use rocket_dyn_templates::Template;
 use std::sync::Arc;
 
-use crate::auth::AuthGuard;
+use crate::auth::Session;
 use crate::db::DbConn;
 use crate::messages::ChatBroadcaster;
 
@@ -22,7 +22,7 @@ pub mod llm;
 pub mod messages;
 
 #[get("/users", rank = 2)]
-async fn users(_ag: AuthGuard, mut db: Connection<DbConn>) -> Json<Vec<i32>> {
+async fn users(_ag: Session, mut db: Connection<DbConn>) -> Json<Vec<i32>> {
     sqlx::query!("SELECT id FROM users")
         .fetch_all(&mut **db)
         .await
@@ -34,7 +34,7 @@ async fn users(_ag: AuthGuard, mut db: Connection<DbConn>) -> Json<Vec<i32>> {
 }
 
 #[get("/users/<id>", rank = 1)]
-async fn username_for_id(id: usize, _ag: AuthGuard, mut db: Connection<DbConn>) -> String {
+async fn username_for_id(id: usize, _ag: Session, mut db: Connection<DbConn>) -> String {
     sqlx::query!("SELECT username FROM users WHERE id = $1", id as i32)
         .fetch_one(&mut **db)
         .await
@@ -74,6 +74,7 @@ fn rocket() -> Rocket<Build> {
                 messages::event_stream,
                 auth::signup,
                 auth::signup_page,
+                auth::login_page,
                 auth::login
             ],
         )

backend/src/messages.rs

@@ -11,7 +11,7 @@ use serde::{Deserialize, Serialize};
 use sqlx::prelude::FromRow;
 use tokio::sync::broadcast;
 
-use crate::{auth::AuthGuard, db::DbConn, llm::LlmWorker};
+use crate::{auth::Session, db::DbConn, llm::LlmWorker};
 
 /// ---------- shared broadcaster ----------
 pub struct ChatBroadcaster {
@@ -47,14 +47,14 @@ pub async fn post_message(
     mut msg: Json<ChatMsg>,
     chat: &rocket::State<Arc<ChatBroadcaster>>,
     mut db: Connection<DbConn>,
-    ag: AuthGuard,
+    session: Session,
 ) -> Result<(), String> {
     const CHANNEL_ID: i32 = 1;
     const LMSTUDIO_URI: &'static str = "http://127.0.0.1:1234/v1/chat/completions";
 
     let chat = chat.inner().clone();
 
-    msg.user_id = ag.0;
+    msg.user_id = session.user_id;
     chat.publish(msg.clone().into_inner()).await;
 
     sqlx::query!(
@@ -92,7 +92,7 @@ pub async fn post_message(
 }
 
 #[get("/messages")]
-pub async fn get_messages(mut db: Connection<DbConn>, _ag: AuthGuard) -> Json<Vec<ChatMsg>> {
+pub async fn get_messages(mut db: Connection<DbConn>, _session: Session) -> Json<Vec<ChatMsg>> {
     Json(
         sqlx::query!(
             "SELECT u.username, u.display_name, u.id, m.content, m.created_at FROM messages m JOIN users u ON m.user_id = u.id ORDER BY m.created_at DESC LIMIT 100"
@@ -117,7 +117,7 @@ pub async fn get_messages(mut db: Connection<DbConn>, _ag: AuthGuard) -> Json<Ve
 pub async fn event_stream(
     chat: &rocket::State<Arc<ChatBroadcaster>>,
     db: Connection<DbConn>,
-    ag: AuthGuard,
+    ag: Session,
 ) -> EventStream![] {
     let mut rx = chat.subscribe();
 
@@ -140,6 +140,6 @@ pub async fn event_stream(
 }
 
 #[get("/")]
-pub async fn chat_page(ag: AuthGuard) -> Template {
+pub async fn chat_page(session: Session) -> Template {
-    Template::render("chat", context!(user_id: ag.0))
+    Template::render("chat", context!(user_id: session.user_id))
 }

backend/static/css/index.css

@@ -382,7 +382,6 @@ body {
     background-size: cover;
     border: 2px solid #252525;
     flex-shrink: 0;
-    background-image: url("static/profile_pics/default.jpg");
 }
 
 .user-avatar.blue {

backend/templates/2fa.html.tera

@@ -0,0 +1,56 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Discord Clone - Group Chat</title>
+        <link rel="stylesheet" href="static/css/index.css"/>
+    </head>
+    <body>
+        <div class="chat-container">
+        <!--<div class="chat-container" style="background-image: url('cdn/background.png'); backdrop-filter: blur(10px); background-size: cover; background-position: center; background-repeat: no-repeat;">-->
+            <!-- Chat Header -->
+            <div class="chat-header">
+                <div class="chat-title">
+                    <img class="user-avatar" src="cdn/profile/0"></img>
+                    <h1>Chat title</h1>
+                </div>
+            </div>
+
+            <!-- Live Location Notification Bubble -->
+            <div class="notification-container">
+                <div class="live-location-bubble" id="locationBubble">
+                    <div class="map-container">
+                        <img src="cdn/map.png" alt="Map" />
+                    </div>
+                    <div class="location-content">
+                        <div class="location-icon">
+                            <img src="cdn/icons/location.svg" alt="Location"></img>
+                        </div>
+                        <button class="join-button" id="joinButton">
+                            Join
+                        </button>
+                        <div class="location-text">Live Location</div>
+                        <div class="location-users" id="locationUsers">
+                            <!-- Users will be added dynamically -->
+                        </div>
+                    </div>
+                </div>
+            </div>
+
+            <!-- Messages Container -->
+            <!--<div class="messages-container" style="background-image: url('cdn/background.png'); backdrop-filter: blur(10px); background-size: cover; background-position: center; background-repeat: no-repeat;">-->
+            <div class="messages-container"></div>
+
+            <!-- Input Container -->
+            <div class="input-container">
+                <div class="input-wrapper">
+                    <input type="text" placeholder="Start Typing..." />
+                    <button class="send-button">
+                         <img src="cdn/icons/send.svg" alt="Send" />
+                    </button>
+                </div>
+            </div>
+        </div>
+    </body>
+</html>

backend/templates/login.html.tera

@@ -0,0 +1,159 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Discord Clone - Sign Up</title>
+        <link rel="stylesheet" href="static/css/index.css"/>
+    </head>
+    <body>
+        <div class="signup-container">
+            <div class="signup-header">
+                <div class="logo">DC</div>
+                <h1>Login</h1>
+                <p>Enter the chat</p>
+            </div>
+
+            <div class="signup-form">
+                <div class="success-message" id="successMessage">
+                    Login successful, Redirecting
+                </div>
+
+                <div class="form-group">
+                    <label for="username">Username</label>
+                    <input
+                        type="text"
+                        id="username"
+                        name="username"
+                        placeholder="Enter your username"
+                        required
+                    />
+                    <div class="error-message">Username is required</div>
+                </div>
+
+                <div class="form-group">
+                    <label for="password">Password</label>
+                    <div class="input-wrapper">
+                        <input
+                            type="password"
+                            id="password"
+                            name="password"
+                            placeholder="Enter your password"
+                            required
+                        />
+                        <button
+                            type="button"
+                            class="password-toggle"
+                            id="passwordToggle"
+                        >
+                            SHOW
+                        </button>
+                    </div>
+                    <div class="error-message">
+                        Password must be at least 8 characters
+                    </div>
+                </div>
+
+                <button type="button" class="submit-button" id="submitButton">
+                    Login
+                </button>
+            </div>
+
+            <div class="signup-footer">
+                Already have an account? <a href="/login">Log in</a>
+            </div>
+        </div>
+
+        <script>
+            const form = {
+                username: document.getElementById("username"),
+                password: document.getElementById("password"),
+            };
+
+            const submitButton = document.getElementById("submitButton");
+            const successMessage = document.getElementById("successMessage");
+
+            // Password toggle functionality
+            const passwordToggle = document.getElementById("passwordToggle");
+
+            passwordToggle.addEventListener("click", function () {
+                const type =
+                    form.password.type === "password" ? "text" : "password";
+                form.password.type = type;
+                this.textContent = type === "password" ? "SHOW" : "HIDE";
+            });
+
+            function toggleError(input, hasError) {
+                const formGroup = input.closest(".form-group");
+                if (hasError) {
+                    formGroup.classList.add("error");
+                } else {
+                    formGroup.classList.remove("error");
+                }
+            }
+
+            // Form submission
+            submitButton.addEventListener("click", async function () {
+
+                // Disable button and show loading
+                submitButton.disabled = true;
+                submitButton.innerHTML =
+                    '<span class="loading-spinner"></span>Creating Account...';
+
+                // Prepare data
+                const formData = {
+                    username: form.username.value.trim(),
+                    password: form.password.value,
+                };
+
+                try {
+                    // Replace with your actual backend endpoint
+                    const response = await fetch(
+                        "http://localhost:8000/login",
+                        {
+                            method: "POST",
+                            headers: {
+                                "Content-Type": "application/json",
+                            },
+                            body: JSON.stringify(formData),
+                        },
+                    );
+
+                    if (response.ok) {
+                        // Show success message
+                        successMessage.classList.add("show");
+                        submitButton.innerHTML = "Logged in!!";
+
+                        // Optional: Redirect after success
+                        setTimeout(() => {
+                            // window.location.href = '/chat';
+                            console.log("Redirecting to chat...");
+                        }, 2000);
+                    } else {
+                        const error = await response.json();
+                        throw new Error(error.message || "Login failed");
+                    }
+                } catch (error) {
+                    console.error("Login error:", error);
+                    alert(
+                        error.message ||
+                            "Failed to login. Please try again.",
+                    );
+                    submitButton.disabled = false;
+                    submitButton.innerHTML = "Login";
+                }
+            });
+
+            // Allow Enter key to submit
+            Object.values(form).forEach((input) => {
+                if (input.tagName === "INPUT") {
+                    input.addEventListener("keypress", function (e) {
+                        if (e.key === "Enter") {
+                            submitButton.click();
+                        }
+                    });
+                }
+            });
+        </script>
+    </body>
+</html>

migrations/20251001212022_prototype-v1.sql

@@ -1,47 +0,0 @@
--- Add migration script here
-CREATE TABLE users {
-    id SERIAL PRIMARY KEY,
-    username VARCHAR(50) UNIQUE NOT NULL,
-    password VARCHAR(50) NOT NULL,
-    display_name VARCHAR(50),
-    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
-}
-
-CREATE TABLE messages {
-    id SERIAL PRIMARY KEY,
-    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-    content TEXT NOT NULL,
-    created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
-    is_edited BOOLEAN DEFAULT FALSE
-}
-
-create table attachments {
-    id SERIAL PRIMARY KEY,
-    message_id INTEGER NOT NULL REFERENCES messages(id) ON DELETE CASCADE,
-    path TEXT NOT NULL
-}
-
-CREATE INDEX idx_users_username ON users(username)
-CREATE INDEX idx_new_messages ON messages(created_at DESC)
-
--- Create a function to update the updated_at timestamp
-CREATE OR REPLACE FUNCTION update_updated_at_column()
-RETURNS TRIGGER AS $$
-BEGIN
-    NEW.updated_at = CURRENT_TIMESTAMP;
-    RETURN NEW;
-END;
-$$ language 'plpgsql';
-
--- Create trigger for users table
-CREATE TRIGGER update_users_updated_at
-    BEFORE UPDATE ON users
-    FOR EACH ROW
-    EXECUTE FUNCTION update_updated_at_column();
-
--- Create trigger for messages table
-CREATE TRIGGER update_messages_updated_at
-    BEFORE UPDATE ON messages
-    FOR EACH ROW
-    EXECUTE FUNCTION update_updated_at_column();